http://sentinelchangelog.net/tags/t1136.003/Recent content in T1136.003 on sentinelchangelog.netHugo -- 0.157.0enMon, 01 Jun 2026 04:39:34 +0000http://sentinelchangelog.net/posts/2026-06-01-pr-14245/Mon, 01 Jun 2026 04:39:34 +0000http://sentinelchangelog.net/posts/2026-06-01-pr-14245/Slack Audit analytic rules, hunting queries, and workbook upgraded with improved KQL logic, custom alert details, and enhanced entity mappings for stronger workspace monitoring.http://sentinelchangelog.net/posts/2026-05-29-pr-14299/Fri, 29 May 2026 10:56:48 +0000http://sentinelchangelog.net/posts/2026-05-29-pr-14299/Three new hunting queries target Midnight Blizzard-style persistence patterns — service principal credential staging, privileged role assignments to new accounts, and Temporary Access Pass abuse.http://sentinelchangelog.net/posts/2026-05-18-pr-14101/Mon, 18 May 2026 07:30:57 +0000http://sentinelchangelog.net/posts/2026-05-18-pr-14101/Comprehensive quality improvements to 61 AWS Analytic Rules and 35 Hunting Queries with standardized naming conventions, normalized MITRE technique mappings, and updated entity field references from legacy AccountCustomEntity to UserIdentityUserName.http://sentinelchangelog.net/posts/2026-04-13-pr-14049/Mon, 13 Apr 2026 10:07:13 +0000http://sentinelchangelog.net/posts/2026-04-13-pr-14049/Critical improvements to AccountCreatedandDeletedinShortTimeframe rule extend detection window to 7 days and use immutable UserID correlation to prevent timing-based evasion techniques.http://sentinelchangelog.net/posts/2026-04-10-pr-13848/Fri, 10 Apr 2026 15:05:24 +0000http://sentinelchangelog.net/posts/2026-04-10-pr-13848/New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development.